<?php

require_once "mysql_info.php";

if (isset($_POST['latitude']) &&
    isset($_POST['longitude']) &&
    isset($_POST['title']) &&
    isset($_POST['description']) &&
    isset($_POST['userip'] &&
    isset($_POST['expiration']) {
  $db_server = mysql_connect($db_hostname, $db_username, $db_password);

  $latitude = mysql_real_escape_string($_POST['latitude'], $db_server);
  $longitude = mysql_real_escape_string($_POST['longitude'], $db_server);
  $title = mysql_real_escape_string($_POST['title'], $db_server);
  $description = mysql_real_escape_string($_POST['description'], $db_server);
  $userip = mysql_real_escape_string($_POST['userip'], $db_server);
  $expiration = mysql_real_escape_string($_POST['expiration'], $db_server);

  $result = db_access("INSERT INTO listings " .
    "(latitude, longitude, title, description) " .
    "VALUES (" . $latitude .
          ", " . $longitude .
          ", '" . $title .
          "', '" . $description .
          "', " . $userip .
          ", " . $expiration, $db_server);

  if ($result == 1) {
    "Post successful."
  } else {
    "Post failed."
  }

  $result = db_access("SELECT * FROM listings " .
    "WHERE (userip = " . $userip . ")");

  echo "<ul>";
  for ($i = 0; $i < mysql_num_rows($result); $i++) {
    echo "<li>";
    foreach (array("title", "description", "latitude", "longitude") as $item) {
      echo mysql_result($result, $i, $item) . "<br/>";
    }
    echo "<button>delete</button><button>modify</button></li>";
  }
  echo "</ul>";

} else {
  echo ("Arguments are missing, got: " . $_POST['latitude'] . ", " . $_POST['longitude'] . ", " . $_POST['title'] . ", " . $_POST['description']);
}

?>
